Phil Sutter <phil@xxxxxx> wrote:
> Assume that caller's 'to' offset really represents an upper boundary for
> the pattern search, so patterns extending past this offset are to be
> rejected.
>
> The old behaviour also was kind of inconsistent when it comes to
> fragmentation (or otherwise non-linear skbs): If the pattern started in
> between 'to' and 'from' offsets but extended to the next fragment, it
> was not found if 'to' offset was still within the current fragment.
>
> Test the new behaviour in a kselftest using iptables' string match.
>
> Suggested-by: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
> Fixes: f72b948dcbb85 ("[NET]: skb_find_text ignores to argument")
FYI, checkpatch complains about the fixes tag.
> diff --git a/tools/testing/selftests/netfilter/xt_string.sh b/tools/testing/selftests/netfilter/xt_string.sh
> new file mode 100755
> index 0000000000000..1802653a47287
> --- /dev/null
> +++ b/tools/testing/selftests/netfilter/xt_string.sh
Thanks for the test case. Is there a reason why its not hooked
up to the kselftest makefile?
I think it should be.
